Incorrect Provision of Specified Functionality

Draft Class
Structure: Simple
Description

This weakness occurs when software behaves differently than its documented specifications, which can mislead users and create security risks.

Extended Description

When your code's actual behavior doesn't match its promised functionality, it creates a trust gap. Developers and systems relying on your published specs—like API contracts, security guarantees, or performance claims—will make incorrect assumptions. This mismatch often becomes the starting point for security vulnerabilities, as callers use the component in ways you didn't anticipate. To prevent this, treat your specifications as a critical part of your security design. Clearly document all behavioral nuances, edge cases, and security-relevant limitations. Actively test that your implementation aligns perfectly with this documentation, because even minor deviations can be exploited when attackers notice the gap between what you promise and what you actually deliver.

Common Consequences
Scope: Other

Impact: Quality Degradation

Potential Mitigations
Phase: Implementation
Ensure that your code strictly conforms to specifications.

Demonstrative Examples

ID: DX-185

In the following snippet from a doPost() servlet method, the server returns "200 OK" (default) even if an error occurs.

Code Example:

Bad (Java)

```java
try {
    // Something that may throw an exception.
    ...
} catch (Throwable t) {
    // The error is logged, but the response status is never changed from the default 200.
    logger.error("Caught: " + t.toString());
    return;
}
```

ID: DX-186

In the following example, an HTTP 404 status code is returned in the event of an IOException encountered in a Java servlet. A 404 code is typically meant to indicate a non-existent resource and would be somewhat misleading in this case.

Code Example:

Bad (Java)

```java
try {
    // something that might throw IOException
    ...
} catch (IOException ioe) {
    // 404 tells the client the resource does not exist, which is not what happened.
    response.sendError(SC_NOT_FOUND);
}
```
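
An added example (not part of the original entry) showing one way to correct both snippets above and then check the implementation against a documented status-code contract. It uses the JDK's built-in `HttpServer` rather than the servlet API so that it runs without a container; the request paths, the `work` helper and the contract table are assumptions constructed for the illustration.

```java
import com.sun.net.httpserver.HttpServer;
import java.io.IOException;
import java.net.*;
import java.net.http.*;
import java.nio.file.NoSuchFileException;
import java.util.Map;

public class StatusContractCheck {
    // Constructed stand-in for "something that may throw"; the request path selects the outcome.
    static void work(String path) throws IOException {
        if (path.equals("/missing")) throw new NoSuchFileException("report.csv");
        if (path.equals("/ioerror")) throw new IOException("disk read failed");
        if (path.equals("/bug")) throw new IllegalStateException("unexpected state");
    }
    // The status mirrors the real outcome: 404 only for an absent resource, 500 for any other failure.
    static int handle(String path) {
        try {
            work(path);
            return 200;
        } catch (NoSuchFileException e) {
            return 404;
        } catch (Exception e) {
            System.err.println("Caught: " + e); // details go to the log, not to the client
            return 500;
        }
    }
    public static void main(String[] args) throws Exception {
        HttpServer server = HttpServer.create(new InetSocketAddress("127.0.0.1", 0), 0);
        server.createContext("/", ex -> {
            ex.sendResponseHeaders(handle(ex.getRequestURI().getPath()), -1); // -1: no response body
            ex.close();
        });
        server.start();
        // Documented contract (assumed for this example): request path -> promised status code.
        Map<String, Integer> spec = Map.of("/ok", 200, "/missing", 404, "/ioerror", 500, "/bug", 500);
        HttpClient client = HttpClient.newHttpClient();
        String base = "http://127.0.0.1:" + server.getAddress().getPort();
        try {
            for (Map.Entry<String, Integer> e : spec.entrySet()) {
                HttpRequest req = HttpRequest.newBuilder(URI.create(base + e.getKey()))
                        .POST(HttpRequest.BodyPublishers.noBody()).build();
                int got = client.send(req, HttpResponse.BodyHandlers.discarding()).statusCode();
                if (got != e.getValue()) throw new AssertionError(e.getKey() + ": got " + got);
            }
            System.out.println("implementation matches documented status codes");
        } finally {
            server.stop(0);
        }
    }
}
```

Replacing `handle` with the behaviour of either bad snippet (always 200, or 404 for every `IOException`) makes the check fail on `/ioerror`, which is the deviation a caller relying on the status code would otherwise never see.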

Observed Examples

CVE-2002-1446: Error checking routine in PKCS#11 library returns "OK" status even when invalid signature is detected, allowing spoofed messages.
CVE-2001-1559: Chain: System call returns wrong value (Return of Wrong Status Code), leading to a resultant NULL dereference (NULL Pointer Dereference).
CVE-2003-0187: Program uses large timeouts on unconfirmed connections resulting from inconsistency in linked lists implementations.
CVE-1999-1446: UI inconsistency; visited URLs list not cleared when "Clear History" option is selected.

Modes of Introduction
Implementation
Taxonomy Mapping
  • CERT C Secure Coding